Prevent Django model field from being rendered

Question

I'm adding a per-user secret key to one of my Django models for internal usage, but I want to make sure that it is not accidentally exposed to the user. Obviously, I can check all the forms using that model today and ensure that they exclude the field, but that is not future proof. Is there any way I can mark a field so it is never rendered or sent to the client even if a form otherwise includes it?

question from:https://stackoverflow.com/questions/65854517/prevent-django-model-field-from-being-rendered

Answer 1

You could use editable=False on your Model field as documented and here

If False, the field will not be displayed in the admin or any other ModelForm. They are also skipped during model validation. Default is True.

Note this works for ModelForms and if you are using regular Form you might consider extending it with custom implementation

---

ModelForm editable removal implementation source